One of the most talked about subjects over the past couple of years has got to be data security. Most of the big companies have had breaches, from Talk Talk to Morrison’s, and there are many more businesses whose names have not appeared in the media. So, how can you make sure that you are not next? Well, the main law surrounding the security of data in your company’s possession is the Data Protection Act 1998, so let’s start there…
What does the Data Protection Act say about your responsibilities?
“Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.”
In practice, it means you must have appropriate security measures in place to prevent the personal data you hold being accidentally or deliberately compromised. In particular, you will need to:
- design and organise your security to fit the nature of the personal data you hold and the harm that may result from a security breach;
- be clear about who in your organisation is responsible for ensuring information security;
- make sure you have the right physical and technical security, backed up by robust policies and procedures and reliable, well-trained staff;
- and finally, you must be ready to respond to any breach of security swiftly and effectively.
The two most important elements of this for your business is to ensure you do everything you can to secure the data, and ensure that only the appropriate members of staff are able to access it. This data can range from financial transactions such as credit card transaction details, to personal or medical records. Most businesses keep personnel records, financial records, customer details etc. so are obliged to comply with the Data Protection Act 1998.
Decide Onsite or Offsite?
The most common reason for data being lost is the loss or theft of equipment. If your premises is broken into and your server or computer is stolen, you would potentially lose private or personal data, or if the USB backup drive you take home every night is lost or stolen the same would apply.
Data in the Cloud can also often be seen as insecure, what about the hackers out there constantly trying to access our networks?
It’s all down to personal preference, you can secure your premises with many security methods, but it’s worth pointing out that data centres are some of the most secure premises in the UK. With 24 hour manned security, CCTV, and biometric security, it’s hard for authorised personnel to get into the building – never mind strangers!
There are many new security measures available to cloud servers such as two-factor authentication (where users are sent a text before login to ensure they are who they say they are ), or locking down access to a specific location or computer. Here at Cloud Heroes, we can offer both of these measures and more, and our engineers are always happy to discuss your security measures with you and find the best solution for your business.